Major changes in mainline functions, new file cretated.
@@ -5,9 +5,13 @@
|
||||
LETSENCRYPT_URL=$LETSENCRYPT_URL
|
||||
DOMAIN_DIR=$DOMAIN_DIR
|
||||
DOMAIN=$1
|
||||
CERT_DIR=$CERT_DIR/$DOMAIN
|
||||
DOMAIN_CERT_DIR=$CERT_DIR/$DOMAIN
|
||||
|
||||
service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec"
|
||||
service_exec="docker run --rm \
|
||||
-v /etc/user/config/user.json:/etc/user/config/user.json:ro \
|
||||
-v /etc/user/config/services/:/services/:ro \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||
-v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec"
|
||||
|
||||
letsencrypt_certificates() {
|
||||
$service_exec /services/letsencrypt.json start
|
||||
@@ -16,24 +20,24 @@ $service_exec /services/letsencrypt.json start
|
||||
create_self_signed_certificate() {
|
||||
|
||||
# generate dhparam file
|
||||
openssl dhparam -dsaparam -out $CERT_DIR/dhparam.pem 4096
|
||||
openssl dhparam -dsaparam -out $DOMAIN_CERT_DIR/dhparam.pem 4096;
|
||||
|
||||
# generate key
|
||||
openssl req -x509 -newkey rsa:4096 -keyout $CERT_DIR/key.pem -out $CERT_DIR/fullchain.pem -days 365 -sha256 -nodes -subj "/CN=$DOMAIN"
|
||||
openssl req -x509 -newkey rsa:4096 -keyout $DOMAIN_CERT_DIR/key.pem -out $DOMAIN_CERT_DIR/cert.pem -days 365 -sha256 -nodes -subj "/CN=$DOMAIN";
|
||||
cp -a $DOMAIN_CERT_DIR/cert.pem $DOMAIN_CERT_DIR/fullchain.pem;
|
||||
|
||||
}
|
||||
|
||||
|
||||
if [[ "$(ls $CERT_DIR)" == "" ]]; then
|
||||
if [ ! -d "$DOMAIN_CERT_DIR" ]; then
|
||||
echo "$DOMAIN not contains certificates, creates new."
|
||||
mkdir -p $CERT_DIR;
|
||||
mkdir -p $DOMAIN_CERT_DIR;
|
||||
CURL_CHECK="curl -s -o /dev/null -w "%{http_code}" https://$LETSENCRYPT_URL";
|
||||
|
||||
if [[ "$(eval $CURL_CHECK)" != "200" ]] ; then
|
||||
create_self_signed_certificate;
|
||||
fi
|
||||
else
|
||||
file="$CERT_DIR/letsencrypt"
|
||||
file="$DOMAIN_CERT_DIR/letsencrypt"
|
||||
{
|
||||
echo "{ \"DOMAIN\": \"$DOMAIN\" }"
|
||||
} >> "$file"
|
||||
|
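Review bot: `DOMAIN` comes straight from `$1` and is expanded unquoted inside `$DOMAIN_CERT_DIR` for `mkdir -p`, both `openssl` calls and `cp -a`, so a name containing `/`, a leading dot or whitespace makes these commands write outside the certificate tree or split into extra arguments. Validate it once after `DOMAIN=$1`, for example `case "$DOMAIN" in ''|.*|-*|*[!A-Za-z0-9.-]*) echo "invalid domain" >&2; exit 1;; esac`, and quote every use, e.g. `mkdir -p -- "$DOMAIN_CERT_DIR"`. The self-signed `key.pem` is created with `-nodes` under whatever umask the caller has, so a `umask 077` at the top of `create_self_signed_certificate` would keep the unencrypted key unreadable to other users. The page has lost its +/- markers and indentation, so which of these lines are new is inferred from the old/new pairs shown.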
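--- a/scripts/check_proxy_state.sh
+++ b/scripts/check_proxy_state.sh
@@ -0,0 +1,164 @@
+# Initial parameters
+DATE=`date +%F-%H-%M-%S`
+TIMEOUT=$TIMEOUT
+RESTART=$RESTART
+RESTART_COUNTER=0
+
+# Set env variables
+PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE
+ROLE=$ROLE
+SERVICE_NAME=$SERVICE_NAME
+
+service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec"
+
+do_proxy_restart() {
+
+local NAMES="$1"
+
+for proxies in $NAMES ; do
+docker stop $proxies;
+sleep $TIMEOUT;
+$service_exec $SERVICE_NAME.containers.$proxies start
+if docker ps | grep $proxies ; then
+if [ -z "$DOMAIN" ] ; then
+echo "$proxies restarted successful";
+else
+check_domain;
+fi
+else
+PROXY_NAME=$proxies
+for retries in $(seq 0 $((RESTART + 1))); do
+if [[ $retries -le $RESTART ]] ; then
+echo "Proxy "$PROXY_NAME" restarting in progress";
+docker stop $proxies;
+sleep $TIMEOUT;
+$service_exec $SERVICE_NAME.containers.$PROXY_NAME start
+if docker ps | grep $PROXY_NAME ; then
+echo "$PROXY_NAME restarted successful";
+else
+echo "Restarting number is only: "$retries" so try again"
+sleep $TIMEOUT;
+fi
+else
+echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state"
+recover_process;
+fi
+done
+fi
+done
+}
+
+check_domain() {
+echo "Checking $DOMAIN name";
+CURL_CHECK="curl -s -o /dev/null -w "%{http_code}" https://$DOMAIN";
+if [[ "$(eval $CURL_CHECK)" == "200" ]] ; then
+echo "$proxies restarted successful";
+else
+send_error_msg;
+fi
+}
+
+recover_process() { echo "Recovering previous state"
+}
+
+send_error_msg () { echo "Sending error messages"
+}
+
+check_proxy_state() {
+
+# Set restart counter to zero
+CONTAINER_NAMES="";
+CONTAINERS_BY_ROLE=0
+RUNNING_CONTAINERS=0
+
+# Check services with running containers by roles
+for CONTAINER in $(jq -r --arg ROLE $ROLE '.containers[] | select(.ROLES==$ROLE)' $PROXY_SERVICE_FILE | jq -r .NAME) ; do
+
+CONTAINERS_BY_ROLE=$((CONTAINERS_BY_ROLE +1))
+
+UP=$(docker ps | grep $CONTAINER | grep Up | wc -l)
+RUNNING_CONTAINERS=$((RUNNING_CONTAINERS + UP))
+
+CONTAINERS=$CONTAINERS" "$CONTAINER;
+
+if [[ "$UP" != 0 ]]; then
+CONTAINER_NAMES=$CONTAINER_NAMES" "$CONTAINER;
+fi;
+done;
+
+# The roles numbers and the running containers numbers are equal or greater than 2
+if [[ "$RUNNING_CONTAINERS" == "$CONTAINERS_BY_ROLE" || "$RUNNING_CONTAINERS" -ge 2 ]] ; then
+echo "Starting proxy restart process";
+do_proxy_restart "$CONTAINER_NAMES";
+
+# In case of no running proxies found, try to start the service
+elif [[ "$RUNNING_CONTAINERS" -eq 0 ]] ; then
+echo "No running proxies found, starting all";
+
+$service_exec /services/$SERVICE_NAME.json start;
+
+for proxies in $CONTAINERS ; do
+
+if docker ps | grep $proxies ; then
+echo "$proxies started successful";
+else
+echo "$proxies starting was unsuccesful"
+fi
+done
+# In case of only one running proxy found, try to start the others of the service
+elif [[ "$RUNNING_CONTAINERS" -eq 1 ]] ; then
+echo "Only one running proxy found, starting all of the others";
+for proxies in $CONTAINERS ; do
+if [[ $proxies != $CONTAINER_NAMES ]] ; then
+echo "No running containers: "$proxies" found.";
+$service_exec $SERVICE_NAME.containers.$proxies start;
+if docker ps | grep $proxies ; then
+echo "$proxies started successful";
+else
+echo "$proxies starting was unsuccesful";
+fi
+else
+ONLY_RUNNING_PROXY_NAME=$proxies;
+
+fi
+
+done
+
+# At last need to restart the only one running proxy when the others started successful.
+for CHECK_PROXIES in $CONTAINERS ; do
+if [[ $CHECK_PROXIES != $ONLY_RUNNING_PROXY_NAME ]] ; then
+if docker ps | grep $CHECK_PROXIES ; then
+echo "Not running proxies successfuly started, let's start the only running one.";
+do_proxy_restart $ONLY_RUNNING_PROXY_NAME;
+else
+echo "Not enough running proxies found, can't start the only running one.";
+fi
+fi
+done
+
+
+# sleep $TIMEOUT;
+# RESTART_COUNTER=$((RESTART_COUNTER +1))
+#
+# echo "RUNNING CONTAINERS: "$RUNNING_CONTAINERS;
+#
+# if [[ "$RESTART_COUNTER" -le "$RESTART" ]] ; then
+# echo "ELSE: check proxy state";
+# check_proxy_state;
+# else
+# recover_process;
+# fi
+# for CONTAINER in `echo $CONTAINER_NAMES`; do
+
+
+# done;
+
+fi
+
+} # end of check_proxy_state
+
+
+# call method
+check_proxy_state
+
+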
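Review bot: `check_domain` builds the curl command as a string and runs it through `eval $CURL_CHECK`, so the shell re-parses whatever `$DOMAIN` contains, and the nested double quotes around `%{http_code}` only work because of that second parse. Call curl directly instead: `code=$(curl -s -o /dev/null -w '%{http_code}' "https://$DOMAIN")` followed by `if [[ "$code" == "200" ]]; then`. In `do_proxy_restart` the retry loop has no `break` after "restarted successful", so as written a proxy that came back is stopped again on each remaining iteration and `recover_process` still runs on the last one. `docker ps | grep $proxies` also matches substrings of other container names; an exact check such as `docker inspect -f '{{.State.Running}}' "$proxies"` would be more reliable.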
@@ -3,11 +3,10 @@
|
||||
cd /proxy_config
|
||||
|
||||
DOMAIN=$1
|
||||
DEL=$2
|
||||
if [[ $DEL != "" ]]; then
|
||||
if [ -n "$2" ]; then
|
||||
echo "$DOMAIN DELETED";
|
||||
rm $DOMAIN.conf;
|
||||
exit 0;
|
||||
exit;
|
||||
fi
|
||||
|
||||
DOMAIN_SOURCE=/domains/$DOMAIN
|
||||
@@ -24,11 +23,12 @@ ERROR_PAGE=$(jq -r .ERROR_PAGE $DOMAIN_SOURCE)
|
||||
|
||||
# check whether certificates exist or not
|
||||
|
||||
if [ $HTTPS_PORT != "" ]; then
|
||||
if [[ $HTTPS_PORT != "" ]]; then
|
||||
/scripts/check_certificates.sh "$DOMAIN";
|
||||
fi
|
||||
|
||||
echo $DOMAIN;
|
||||
echo "3";
|
||||
echo "created domain name: "$DOMAIN;
|
||||
|
||||
file="/tmp/$DOMAIN.conf"
|
||||
|
||||
@@ -36,7 +36,7 @@ file="/tmp/$DOMAIN.conf"
|
||||
|
||||
{
|
||||
|
||||
if [ $HTTP_PORT != "" ]; then
|
||||
if [[ $HTTP_PORT != "" ]]; then
|
||||
echo "server {
|
||||
listen $HTTP_PORT;
|
||||
server_name $DOMAIN_NAME;
|
||||
|
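Review bot: The delete branch runs `rm $DOMAIN.conf` with `$DOMAIN` unquoted and unvalidated, right after a `cd /proxy_config` whose failure is not checked, so a name containing `/`, a glob character or whitespace, or a failed `cd`, removes something other than the intended config file. Suggested: `cd /proxy_config || exit 1` and `rm -f -- "./${DOMAIN:?}.conf"`, after rejecting any `$DOMAIN` that contains `/`. The config is then staged at the predictable path `/tmp/$DOMAIN.conf`; a file created with `mktemp` would avoid name clashes and symlink races in a shared `/tmp`. The `{ … }` block that writes the server stanza continues outside the hunk.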
@@ -1,176 +1,19 @@
|
||||
#!/bin/sh
|
||||
|
||||
service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec"
|
||||
|
||||
# Initial parameters
|
||||
DATE=`date +%F-%H-%M-%S`
|
||||
TIMEOUT=$TIMEOUT
|
||||
RESTART=$RESTART
|
||||
RESTART_COUNTER=0
|
||||
DATE=`date +%F-%H-%M-%S`
|
||||
|
||||
# Set env variables
|
||||
|
||||
DOMAIN_DIR=$DOMAIN_DIR
|
||||
CERT_DIR=$CERT_DIR
|
||||
PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE
|
||||
PROXY_CONFIG_DIR=$PROXY_CONFIG_DIR
|
||||
ROLE=$ROLE
|
||||
SERVICE_NAME=$SERVICE_NAME
|
||||
|
||||
do_proxy_restart() {
|
||||
|
||||
local NAMES="$1"
|
||||
|
||||
for proxies in $NAMES ; do
|
||||
docker stop $proxies;
|
||||
sleep $TIMEOUT;
|
||||
$service_exec $SERVICE_NAME.containers.$proxies start
|
||||
if docker ps | grep $proxies ; then
|
||||
if [ -z "$DOMAIN" ] ; then
|
||||
echo "$proxies restarted successful";
|
||||
else
|
||||
check_domain;
|
||||
fi
|
||||
else
|
||||
PROXY_NAME=$proxies
|
||||
for retries in $(seq 0 $((RESTART + 1))); do
|
||||
if [[ $retries -le $RESTART ]] ; then
|
||||
echo "Proxy "$PROXY_NAME" restarting in progress";
|
||||
docker stop $proxies;
|
||||
sleep $TIMEOUT;
|
||||
$service_exec $SERVICE_NAME.containers.$PROXY_NAME start
|
||||
if docker ps | grep $PROXY_NAME ; then
|
||||
echo "$PROXY_NAME restarted successful";
|
||||
else
|
||||
echo "Restarting number is only: "$retries" so try again"
|
||||
sleep $TIMEOUT;
|
||||
fi
|
||||
else
|
||||
echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state"
|
||||
recover_process;
|
||||
fi
|
||||
done
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
check_domain() { echo "Checking $DOMAIN name";
|
||||
CURL_CHECK="curl -s -o /dev/null -w "%{http_code}" https://$DOMAIN";
|
||||
if [[ "$(eval $CURL_CHECK)" == "200" ]] ; then
|
||||
echo "$proxies restarted successful";
|
||||
else
|
||||
send_error_msg;
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
recover_process() { echo "Recovering previous state"
|
||||
}
|
||||
|
||||
send_error_msg () { echo "Sending error messages"
|
||||
}
|
||||
|
||||
check_proxy_state() {
|
||||
# Set restart counter to zero
|
||||
|
||||
CONTAINER_NAMES="";
|
||||
CONTAINERS_BY_ROLE=0
|
||||
RUNNING_CONTAINERS=0
|
||||
|
||||
# Check services with running containers by roles
|
||||
for CONTAINER in $(jq -r --arg ROLE $ROLE '.containers[] | select(.ROLES==$ROLE)' $PROXY_SERVICE_FILE | jq -r .NAME) ; do
|
||||
|
||||
CONTAINERS_BY_ROLE=$((CONTAINERS_BY_ROLE +1))
|
||||
|
||||
UP=$(docker ps | grep $CONTAINER | grep Up | wc -l)
|
||||
RUNNING_CONTAINERS=$((RUNNING_CONTAINERS + UP))
|
||||
|
||||
CONTAINERS=$CONTAINERS" "$CONTAINER;
|
||||
|
||||
if [[ "$UP" != 0 ]]; then
|
||||
CONTAINER_NAMES=$CONTAINER_NAMES" "$CONTAINER;
|
||||
fi;
|
||||
done;
|
||||
|
||||
# The roles numbers and the running containers numbers are equal or greater than 2
|
||||
if [[ "$RUNNING_CONTAINERS" == "$CONTAINERS_BY_ROLE" || "$RUNNING_CONTAINERS" -ge 2 ]] ; then
|
||||
echo "Starting proxy restart process";
|
||||
do_proxy_restart "$CONTAINER_NAMES";
|
||||
|
||||
# In case of no running proxies found, try to start the service
|
||||
elif [[ "$RUNNING_CONTAINERS" -eq 0 ]] ; then
|
||||
echo "No running proxies found, starting all";
|
||||
|
||||
$service_exec /services/$SERVICE_NAME.json start;
|
||||
|
||||
for proxies in $CONTAINERS ; do
|
||||
|
||||
if docker ps | grep $proxies ; then
|
||||
echo "$proxies started successful";
|
||||
else
|
||||
echo "$proxies starting was unsuccesful"
|
||||
fi
|
||||
done
|
||||
# In case of only one running proxy found, try to start the others of the service
|
||||
elif [[ "$RUNNING_CONTAINERS" -eq 1 ]] ; then
|
||||
echo "Only one running proxy found, starting all of the others";
|
||||
for proxies in $CONTAINERS ; do
|
||||
if [[ $proxies != $CONTAINER_NAMES ]] ; then
|
||||
echo "No running containers: "$proxies" found.";
|
||||
$service_exec $SERVICE_NAME.containers.$proxies start;
|
||||
if docker ps | grep $proxies ; then
|
||||
echo "$proxies started successful";
|
||||
else
|
||||
echo "$proxies starting was unsuccesful";
|
||||
fi
|
||||
else
|
||||
ONLY_RUNNING_PROXY_NAME=$proxies;
|
||||
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
# At last need to restart the only one running proxy when the others started successful.
|
||||
for CHECK_PROXIES in $CONTAINERS ; do
|
||||
if [[ $CHECK_PROXIES != $ONLY_RUNNING_PROXY_NAME ]] ; then
|
||||
if docker ps | grep $CHECK_PROXIES ; then
|
||||
echo "Not running proxies successfuly started, let's start the only running one.";
|
||||
do_proxy_restart $ONLY_RUNNING_PROXY_NAME;
|
||||
else
|
||||
echo "Not enough running proxies found, can't start the only running one.";
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
# sleep $TIMEOUT;
|
||||
# RESTART_COUNTER=$((RESTART_COUNTER +1))
|
||||
#
|
||||
# echo "RUNNING CONTAINERS: "$RUNNING_CONTAINERS;
|
||||
#
|
||||
# if [[ "$RESTART_COUNTER" -le "$RESTART" ]] ; then
|
||||
# echo "ELSE: check proxy state";
|
||||
# check_proxy_state;
|
||||
# else
|
||||
# recover_process;
|
||||
# fi
|
||||
# for CONTAINER in `echo $CONTAINER_NAMES`; do
|
||||
|
||||
|
||||
# done;
|
||||
|
||||
fi
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
DOMAIN_DIR=$DOMAIN_DIR
|
||||
CERT_DIR=$CERT_DIR
|
||||
PROXY_CONFIG_DIR=$PROXY_CONFIG_DIR
|
||||
|
||||
# Triggers by certificate or proxy config changes
|
||||
|
||||
unset IFS
|
||||
|
||||
inotifywait --exclude .sw -m -e CREATE,CLOSE_WRITE,CLOSE,DELETE -r $DOMAIN_DIR $CERT_DIR $PROXY_CONFIG_DIR | \
|
||||
inotifywait --exclude .sw -m -e CREATE,CLOSE_WRITE,DELETE -r $DOMAIN_DIR $CERT_DIR $PROXY_CONFIG_DIR | \
|
||||
while read dir op file
|
||||
|
||||
do
|
||||
@@ -178,16 +21,24 @@ do
|
||||
|
||||
parent="/"$(echo $dir|cut -d / -f2)
|
||||
|
||||
if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CREATE,CLOSE_WRITE,CLOSE" ]]; then
|
||||
if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] ; then
|
||||
DOMAIN=$(echo $dir|cut -d / -f3);
|
||||
echo "file: "$file;
|
||||
echo "New cert created: '$DOMAIN'";
|
||||
#check_proxy_state;
|
||||
if [ -f "$CERT_DIR/new_certificate" ]; then
|
||||
echo "New cert created: '$DOMAIN'";
|
||||
echo "newcert check proxy";
|
||||
/scripts/check_proxy_state.sh;
|
||||
fi
|
||||
|
||||
elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] || \
|
||||
[[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "DELETE" ]] ; then
|
||||
echo "proxy config created, changed or deleted";
|
||||
check_proxy_state;
|
||||
elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then
|
||||
echo "proxy config created, changed ";
|
||||
/scripts/check_proxy_state.sh;
|
||||
|
||||
elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "DELETE" ]] ; then
|
||||
echo "proxy config deleted";
|
||||
FILE=$(echo $file)
|
||||
if [ ! -f "$PROXY_CONFIG_DIR/$FILE" ]; then
|
||||
/scripts/check_proxy_state.sh;
|
||||
fi
|
||||
|
||||
elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then
|
||||
DOMAIN=$(echo $file);
|
||||
@@ -197,7 +48,10 @@ do
|
||||
elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "DELETE" ]] ; then
|
||||
DOMAIN=$(echo $file);
|
||||
echo "domain deleted";
|
||||
/scripts/nginx_config_create.sh "$DOMAIN" "DEL";
|
||||
if [ ! -f "$DOMAIN_DIR/$DOMAIN" ]; then
|
||||
/scripts/nginx_config_create.sh "$DOMAIN" "DEL";
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
done
|
||||
|
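Review bot: The event loop reads inotifywait output with `while read dir op file` and then sets `DOMAIN=$(echo $file)`, so `read` interprets backslashes and the unquoted `echo` word-splits and glob-expands the file name before it is handed to `/scripts/nginx_config_create.sh`. Use `while read -r dir op file` and a plain `DOMAIN=$file` (likewise `FILE=$file`), and quote `"$DOMAIN_DIR" "$CERT_DIR" "$PROXY_CONFIG_DIR"` on the `inotifywait` command line. Because that file name becomes a domain name in certificate paths and generated nginx config, reject names with characters outside `[A-Za-z0-9.-]` here before calling the helper scripts. The script starts with `#!/bin/sh` but relies on `[[ … ]]`, which is not POSIX; if the image's `sh` does not implement it, the shebang should be `#!/bin/bash`.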